Security
Headlines
HeadlinesLatestCVEs

Search

lenovo warranty check/lookup | check warranty status | lenovo support us

Found 10000 results in 173 ms.

CVE-2023-35019: Security Bulletin: IBM Security Verify Governance

IBM Security Verify Governance, Identity Manager 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 257873.

CVE
Open in Source
#vulnerability#auth#ibm
CVE-2022-43831: Security Bulletin: A vulnerability in IBM Storage Scale Container Native that could allow a local user to obtain escalated privileges on a host (CVE-2022-43831)

IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.6.1 could allow a local user to obtain escalated privileges on a host without proper security context settings configured. IBM X-Force ID: 238941.

CVE-2023-0041: IBM Security Guardium is affected by a multiple vulnerabilities (CVE-2023-22809, CVE-2019-12490, CVE-2013-0041)

[PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT] via [VECTOR]

CVE-2023-22593: Security Bulletin: IBM Robotic Process Automation for Cloud Pak is vulnerable to security misconfiguration which may result in elevated privileges (CVE-2023-22593).

IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to security misconfiguration of the Redis container which may provide elevated privileges. IBM X-Force ID: 244074.

CVE-2023-45189: Security Bulletin: A vulnerability in IBM Robotic Process Automation may result in access to client vault credentials (CVE-2023-45189).

A vulnerability in IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.10, 23.0.0 through 23.0.10 may result in access to client vault credentials. This difficult to exploit vulnerability could allow a low privileged attacker to programmatically access client vault credentials. IBM X-Force ID: 268752.

CVE-2023-46158: Security Bulletin: IBM WebSphere Application Server Liberty could provide weaker than expected security (CVE-2023-46158)

IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10 could provide weaker than expected security due to improper resource expiration handling. IBM X-Force ID: 268775.

CVE-2023-38268: Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site request forgery (CVE-2023-38268)

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 260585.

CVE-2023-46167: IBM® Db2® federated server is vulnerable to a denial of service when a specially crafted cursor is used. (CVE-2023-46167)

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 269367.

CVE-2023-45178: IBM® Db2® is vulnerable to a denial of service when a specially crafted request is used via CLI. (CVE-2023-45178)

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 CLI is vulnerable to a denial of service when a specially crafted request is used. IBM X-Force ID: 268073.

CVE-2023-35905: Security Bulletin: Cross Site Scripting (XSS) CVE-2023-35905 security vulnerability in FileNet Content Manager FileNet DetailedStatus

IBM FileNet Content Manager 5.5.8, 5.5.10, and 5.5.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 259384.